Los escáneres de vulnerabilidades automatizan la auditoría de seguridad al escanear redes y sitios web para encontrar miles de riesgos de seguridad priorizados, como inyecciones SQL, cross-site scripting y configuraciones inseguras de servidores. Existen escáneres basados en red, como Nmap, y basados en host. Los escáneres ayudan con la detección temprana de problemas pero requieren juicio humano, y se limitan a vulnerabilidades conocidas.
This is a methodology presentation to examine organizational and technology issues to compile an understandable view of the information security needs of the organization.
Infocyte - Digital Forensics and Incident Response (DFIR) Training SessionInfocyte
Join Infocyte co-founder and Chief Product Officer, Chris Gerritz, for a two-hour digital forensics and incident response (DFIR) training session.
During this presentation, Chris shows participants how to set up Infocyte's managed detection and response (MDR) platform and how to leverage Infocyte to detect, investigate, isolate, and eliminate sophisticated cyber threats. Additionally, Infocyte helps enterprise cyber security teams eliminate hidden IT risks, improve security hygiene, maintain compliance, and streamline security operations—including improving the capabilities of existing endpoint security tools.
Using Infocyte's new extensions, participants are encouraged to custom create their own collection (detection and analysis) and action (incident response) extensions.
Solar winds supply chain breach - Insights from the trenchesInfosec
On December 13 2020, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to immediately “disconnect or power down SolarWinds Orion products” as they were being actively exploited by malicious actors.
Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach and mitigate any potential damage. Join him as he discusses:
-What we know about the breach so far
-How his clients have responded to the incident
-What to look for in your environment to see if you’ve been affected
This is a methodology presentation to examine organizational and technology issues to compile an understandable view of the information security needs of the organization.
Infocyte - Digital Forensics and Incident Response (DFIR) Training SessionInfocyte
Join Infocyte co-founder and Chief Product Officer, Chris Gerritz, for a two-hour digital forensics and incident response (DFIR) training session.
During this presentation, Chris shows participants how to set up Infocyte's managed detection and response (MDR) platform and how to leverage Infocyte to detect, investigate, isolate, and eliminate sophisticated cyber threats. Additionally, Infocyte helps enterprise cyber security teams eliminate hidden IT risks, improve security hygiene, maintain compliance, and streamline security operations—including improving the capabilities of existing endpoint security tools.
Using Infocyte's new extensions, participants are encouraged to custom create their own collection (detection and analysis) and action (incident response) extensions.
Solar winds supply chain breach - Insights from the trenchesInfosec
On December 13 2020, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to immediately “disconnect or power down SolarWinds Orion products” as they were being actively exploited by malicious actors.
Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach and mitigate any potential damage. Join him as he discusses:
-What we know about the breach so far
-How his clients have responded to the incident
-What to look for in your environment to see if you’ve been affected
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlight opportunities for expanded application for cyber, physical, and personnel security risks. This NIST CSF can help practitioners build a cross-pollenated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
Muestra la estructura y principales partes de un informe de auditoría
HERNÁNDEZ HERNÁNDEZ, Enrique. Auditoría en Informática. Un enfoque práctico, 2ª Edición, México: Compañía Editorial Continental, 2000
•Gomez Vieites, Alvaro. Enciclopedia de la Seguridad Informática. México: Alfaomega, 2007.
•
•Marín, Jorge. Amenazas Informáticas. Disponible en: http://www.mantenimientodecomputadoras.com.mx/index.php?option=com_content&view=article&id=51:amenazas-informaticas&catid=39:software
•Moreno León, Jesús. Test sobre conocimientos de seguridad informática. Disponible en: http://informatica.gonzalonazareno.org/plataforma/mod/forum/discuss.php?d=1673
Cybersecurity Incident Management Powerpoint Presentation Slides are designed for information technology experts. Our data security PowerPoint theme combines high-quality design with info accumulated by industry experts. Represent the present situation of the target organization’s information security management using our patterned PPT slideshow. The innovative data visualizations aid in compiling data such as the analysis of the current IT department with considerable convenience. Communicate the cybersecurity framework roadmap and kinds of cyber threats with the help of this PowerPoint layout. Demonstrate the cybersecurity risk management action plan through the tabular format included in this PPT presentation. Illustrate the cybersecurity contingency plan. Our information security management system PowerPoint templates deck helps you in defining risk handling responsibilities of your personnel. Elucidate the role of the management in successful information security governance. Our PPT deck also outlines the costs involved in cybersecurity management and staff training. Showcase an impact analysis with a dash of visual brilliance. Smash the download button and start designing. Our Cybersecurity Incident Management Powerpoint Presentation Slides are topically designed to provide an attractive backdrop to any subject. Use them to look like a presentation pro. https://bit.ly/3zWo1hb
FACULTAD DE INFORMATICA
UNIVERSIDAD COMPLUTENSE DE MADRID
INGENIERIA INFORMATICA
AUDITORIA INFORMATICA
Auditoria Informatica - Tema AI07 Auditoria proceso desarrollo software
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking in present. Due to the organizations moving towards big data, financial systems.. which resides in cyber space, there is an increasing number of frauds associated with the technology revolution in the cyberspace.This post highlights the threats and the counter measures, so we can protect the sensitive personal data. I prefer the approach of “ Trust but verify model ”.
CISO Application presentation - Babylon health securityDinis Cruz
This is the presentation that I created while applying for the CISO position at Babylon Health (note that I ended up taking up the CISO role at Revolut)
Digital Anti-Forensics: Emerging trends in data transformation techniquesSeccuris Inc.
This paper explores two questions: What
methods can be used to deceive someone who is
in an investigative role into trusting an object
which has been exploited? What kind of impact
does operating system and application run-time
linking have on live investigations? After
experimenting with dynamic object
dependencies and kernel modules in the UNIX
environment, it is the opinion of the authors that
run-time linking can be exploited to alter the
execution of otherwise trusted objects. This can
be accomplished without having to modify the
objects themselves. If an investigator trusts an
inherently un-trusted object, it can result in the
possible misdirection of a digital investigation.
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlight opportunities for expanded application for cyber, physical, and personnel security risks. This NIST CSF can help practitioners build a cross-pollenated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
Muestra la estructura y principales partes de un informe de auditoría
HERNÁNDEZ HERNÁNDEZ, Enrique. Auditoría en Informática. Un enfoque práctico, 2ª Edición, México: Compañía Editorial Continental, 2000
•Gomez Vieites, Alvaro. Enciclopedia de la Seguridad Informática. México: Alfaomega, 2007.
•
•Marín, Jorge. Amenazas Informáticas. Disponible en: http://www.mantenimientodecomputadoras.com.mx/index.php?option=com_content&view=article&id=51:amenazas-informaticas&catid=39:software
•Moreno León, Jesús. Test sobre conocimientos de seguridad informática. Disponible en: http://informatica.gonzalonazareno.org/plataforma/mod/forum/discuss.php?d=1673
Cybersecurity Incident Management Powerpoint Presentation Slides are designed for information technology experts. Our data security PowerPoint theme combines high-quality design with info accumulated by industry experts. Represent the present situation of the target organization’s information security management using our patterned PPT slideshow. The innovative data visualizations aid in compiling data such as the analysis of the current IT department with considerable convenience. Communicate the cybersecurity framework roadmap and kinds of cyber threats with the help of this PowerPoint layout. Demonstrate the cybersecurity risk management action plan through the tabular format included in this PPT presentation. Illustrate the cybersecurity contingency plan. Our information security management system PowerPoint templates deck helps you in defining risk handling responsibilities of your personnel. Elucidate the role of the management in successful information security governance. Our PPT deck also outlines the costs involved in cybersecurity management and staff training. Showcase an impact analysis with a dash of visual brilliance. Smash the download button and start designing. Our Cybersecurity Incident Management Powerpoint Presentation Slides are topically designed to provide an attractive backdrop to any subject. Use them to look like a presentation pro. https://bit.ly/3zWo1hb
FACULTAD DE INFORMATICA
UNIVERSIDAD COMPLUTENSE DE MADRID
INGENIERIA INFORMATICA
AUDITORIA INFORMATICA
Auditoria Informatica - Tema AI07 Auditoria proceso desarrollo software
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking in present. Due to the organizations moving towards big data, financial systems.. which resides in cyber space, there is an increasing number of frauds associated with the technology revolution in the cyberspace.This post highlights the threats and the counter measures, so we can protect the sensitive personal data. I prefer the approach of “ Trust but verify model ”.
CISO Application presentation - Babylon health securityDinis Cruz
This is the presentation that I created while applying for the CISO position at Babylon Health (note that I ended up taking up the CISO role at Revolut)
Digital Anti-Forensics: Emerging trends in data transformation techniquesSeccuris Inc.
This paper explores two questions: What
methods can be used to deceive someone who is
in an investigative role into trusting an object
which has been exploited? What kind of impact
does operating system and application run-time
linking have on live investigations? After
experimenting with dynamic object
dependencies and kernel modules in the UNIX
environment, it is the opinion of the authors that
run-time linking can be exploited to alter the
execution of otherwise trusted objects. This can
be accomplished without having to modify the
objects themselves. If an investigator trusts an
inherently un-trusted object, it can result in the
possible misdirection of a digital investigation.
Herramienta de penetración y evaluación de seguridad orientado en Ubuntu – Linux proporcionando un conjunto de herramientas de análisis de los sistemas de información de la red. Este Sistema operative, incluye un conjunto completo de herramientas necesarias para el hacking ético y pruebas de seguridad.
Los desafíos de calidad de software que nos trae la IA y los LLMsFederico Toledo
En esta charla, nos sumergiremos en los desafíos emergentes que la inteligencia artificial (IA) y los Large Language Models (LLMs) traen al mundo de la calidad del software y el testing. Exploraremos cómo la integración, uso o diseño de modelos de IA plantean nuevos retos, incluyendo la calidad de datos y detección de sesgos, sumando la complejidad de probar algo no determinístico. Revisaremos algunas propuestas que se están llevando adelante para ajustar nuestras tareas de testing al desarrollo de este tipo de sistemas, incluyendo enfoques de pruebas automatizadas y observabilidad.
Si bien los hospitales conjuntan a profesionales de salud que atienden a la población, existe un equipo de organización, coordinación y administración que permite que los cuidados clínicos se otorguen de manera constante y sin obstáculos.
Mario García Baltazar, director del área de Tecnología (TI) del Hospital Victoria La Salle, relató la manera en la que el departamento que él lidera, apoyado en Cirrus y Estela, brinda servicio a los clientes internos de la institución e impulsa una experiencia positiva en el paciente.
Conoce el Hospital Victoria La Salle
Ubicado en Ciudad Victoria, Tamaulipas, México
Inició operaciones en el 2016
Forma parte del Consorcio Mexicanos de Hospitales
Hospital de segundo nivel
21 habitaciones para estancia
31 camas censables
13 camillas
2 quirófanos
+174 integrantes en su plantilla
+120 equipos médicos de alta tecnología
+900 pacientes atendidos
Servicios de +20 especialidades
Módulos utilizados de Cirrus
HIS
EHR
ERP
Estela - Business Intelligence
Escaneo y eliminación de malware en el equiponicromante2000
El malware tiene muchas caras, y es que los programas maliciosos se reproducen en los ordenadores de diferentes formas. Ya se trate de virus, de programas espía o de troyanos, la presencia de software malicioso en los sistemas informáticos siempre debería evitarse. Aquí te muestro como trabaja un anti malware a la hora de analizar tu equipo
2. Introducción
● Controlar y mantener todas las posibles
vulnerabilidades puede ser muy difícil para los
administradores de sistemas
● Los scanners de vulnerabilidades pueden ayudar a
automatizar la auditoría en seguridad
● Capaces de escanear la red y páginas web, y
encontrar hasta miles de riesgos de seguridad
priorizados
3. ¿Qué es un escáner de vulnerabilidades?
● Aquél que es capaz de evaluar a una variedad de
vulnerabilidades sobre sistemas de información
● Pueden ser originadas:
• Debido al proveedor
• Actividades del administrador del sistema
• Actividades de los usuarios
4. Riesgos detectables
● Secuencias de órdenes en sitios cruzados (Cross
Side Scripting)
● Inyecciones SQL
● Ejecución de comandos
● Directory Traversal
● Configuraciones inseguras del servidor
5. Beneficios
✔ Detección temprana y ayuda al manejo de
problemas de seguridad conocidos
✔ Detectar nuevos dispositivos y sistemas conectados
sin autorización
✔ Verificar el inventario de todos los dispositivos en la
red
6. Limitaciones
● Los resultados muestran las condiciones en que se
encuentra el sistema en un tiempo determinado
●
Juicios humanos siempre son requeridos
● Se limitan a descubrir vulnerabilidades conocidas,
no es posible identificar aquellas relacionadas con
aspectos físicos, u operacionales.
9. Basados en red
● Scaner de puertos (Nmap)
● Scaner de vulnerabilidad de red (Nessus, SAINT,
OpenVas)
● Scaner de seguridad en aplicaciones web (Nikto,
w3af)
● Scanners de servidores web
10. Basados en host
● Scaner de seguridad de base de datos
● Scaner de vulnerabilidad basado en host (Lynis)
● Scaner de seguridad ERP
● Pruebas de seguridad únicas
11. Consideraciones para elegir un scanner
● Frecuencia y método de actualización
● Calidad vs Cantidad de vulnerabilidades
detectadas
● Calidad de los reportes
12. Buenas prácticas
● Considerar ubicación del escáner (dentro y fuera de red)
● Verificar rango de escaneo de puertos (0-15000 por
default)
● Mantener un historial de escaneos para poder comparar
antiguas configuraciones vs actuales
● Establecer políticas de seguridad (post y pre escaneo)
● Prever posible sobrecarga de red (en escaneo)
● Asegurarse que el historial de escaneo esté seguro
13. Nmap (Network mapper)
● Herramienta open source para auditoría,
descubrimiento y seguridad de red
● Utiliza paquetes IP para determinar hosts
disponibles sobre la red, que servicios ofrecen,
SO's, firewalls,
● Flexible, poderoso y portable
16. Comandos (2)
●
Detección de sistema operativo y servicios: nmap -O
<dir ip>
●
Detección de versión de servicios: nmap -sV <dir ip>
●
List scan: Nmap -sL <dir ip>
●
Saber si un host esta protegido por FireWall: nmap
-sA <dir ip>
●
sudo nmap --traceroute <dir ip>
17. Comandos (3)
● Mostrar todos los paquete enviados y recibidos:
nmap --packet-trace <dir ip>
● Mostrar interfaces y rutas: nmap --iflist